Randal, Phil wrote: > Hi folks, > > We're seeing increasing amounts of spam coming in which the email's body > contains seemingly innocuous (but obviously irrelevant) text plus an > email address for more information. > > With no urls in the message, uribls are useless... > > Currently we've had spams with emails from <whoever> (AT) nicerealmail > .info and <whoever> (AT) marketez-bonds .net. > > Currently handling it by adding specific rules as we encounter them, but > there has to be a better way of handling this. > > Anyone for emailbls? Or updating uribl to fire on [EMAIL PROTECTED] > email addresses in message bodies? > > Thoughts, anyone?
Um... SA should already be treating email addresses in the body as URIs... Are you sure yours isn't looking up the offending domains agianst the URIBLs you're using?
